Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Nero BackItUp in the Nero Productline is vulnerable to a path parsing/UI rendering flaw (CWE-22) that, in combination with Windows ShellExecuteW fallback extension resolution, leads to arbitrary code execution when a user clicks a crafted entry. By creating a trailing-dot folder and placing a same-basename script, Nero BackItUp renders the file as a folder icon and then invokes ShellExecuteW, which executes the script via PATHEXT fallback (.COM/.EXE/.BAT/.CMD). The issue affects recent Nero BackItUp product lines (2019-2025 and earlier) and has been acknowledged by the vendor.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Nero BackItUp 安全漏洞
Vulnerability Description
Nero BackItUp是Nero公司的一个备份软件。 Nero BackItUp存在安全漏洞,该漏洞源于路径解析和UI渲染缺陷,可能导致用户点击特制条目时执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A